Categories
Domains Manage Your Own Server

CloudFlare and SSH Connection Timeout

Switched one of our sites to CloudFlare DNS and in our code routines, we connect to the site via SSH by its domain as the host.

Apparently it kept timing out as we were connecting to the wrong IP resolved by CloudFlare DNS which wasn’t the real IP for our server at all.

So we had to switch to DNS Only at CloudFlare for the A record of the domain and everything is working correctly again.

It took us a while to figure it out. It’s a tricky one. 😉

Categories
Business and Marketing Linux Server Administration Tips

Clone any static site by a simple Linux command WGET

Just use this and the WGET command will start crawling the target site and download certain levels of pages from the starting URL, including all its assets such as images or CSS files.

wget -k -K -E -r -l 1 -p -N -F --convert-links -H -Dcdn.shopify.com,v.shopify.com,www.yoursite.com,your-site.myshopify.com --restrict-file-names=windows https://www.yoursite.com/

The -D option specifies all the hosts that WGET should download the resources from in local files. Resources of hosts not specified in the option will be kept as is.

The issue for now is that I don’t know how to make it download dynamic images in data-src attributes, such as the images that will only show when scrolled into view.

Other that that, it’s a perfect command.

Categories
.htaccess Tutorials & Tips

.htaccess: Restricting access to all *.php files except index.php

<Files *.php>
    Order Deny,Allow
    Deny from all
    #Allow from 127.0.0.1
</Files>

<Files index.php>
    Order Allow,Deny
    Allow from all
</Files>

The 2 <Files> directives must be in the exact same order as above.

Categories
.htaccess Tutorials & Tips

Get rid of trailing slash off URL requests with .htaccess

RewriteEngine on
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)\/(\?.*)?$ $1$2 [R=301,L]

Yeah, that’s it. So:

  1. /path/dir/ is redirected to /path/dir
  2. /path/dir/?a=1&b=2 is redirected to /path/dir?a=1&b=2
Categories
Information Security Linux Server Administration Tips PHP Tips & Tutorials

500 Internet Server Error for Incorrect Permissions after Installing suPHP and Uploading PHP Script

Many’s the time after you have uploaded some PHP script to your server and point the web browser to the address it gives 500 Internet Server Error. If you have suPHP installed this is very likely because the uploaded PHP script (files and directories) have wrong permissions set to them.

With regards to Linux permissions, suPHP requires all directories to be at least 755 and all files to be at least 644 for any PHP script to run. If the directory or the PHP script has the wrong permissions set to them, suPHP would give out 500 Internet Server Error until you have corrected them. In addition, the directory and the PHP script must be owned by the current user and group or they wouldn’t run either.

To fix this is very easy, just perform the following command after you have uploaded the PHP script:

chown -R youruser /home/youruser/public_html/*
chgrp -R youruser /home/youruser/public_html/*
find /home/youruser/public_html/* -type f -exec chmod 644 {} \;
find /home/youruser/public_html/* -type d -exec chmod 755 {} \;

The 1st line sets everything (files and directories) under /home/youruser/public_html/ to be owned by user youruser.

The 2nd line sets everything (files and directories) under /home/youruser/public_html/ to be owned by group youruser.

The 3rd line sets all files under /home/youruser/public_html/ to be 644 in permissions.

The 4th line sets all directories under /home/youruser/public_html/ to be 755 in permissions.

Categories
Hosting Tips & Deals Manage Your Own Server SQL / MySQL Tips and Tutorials

Make phpMyAdmin Show Exact Number of Records for InnoDB Tables

By default, phpMyAdmin shows an estimated number of records for InnoDB tables that have more than 20,000 rows. It can vary by every fresh as much as 50% or even more. Makes it hard to get an exact number of records for the tables as we have to explicitly run an SQL query to do that:

SELECT COUNT(*) FROM table_name

While it would make it a bit slower for phpMyAdmin to open up the database tables list page because it has to count the exact total number of records of each table in the database by this query, it’s worth it for some of us as we want to know the exact number of rows the InnoDB table currently has. phpMyAdmin does it for MyISAM tables, and we want it to do the same with InnoDB tables.

So how can we make phpMyAdmin show exact number of records for InnoDB tables?

Simple. Just open the config.inc.php in your phpMyAdmin installation directory and add this line:

$cfg['MaxExactCount'] = 2000000;

This configuration parameter sets the threshold that phpMyAdmin executes COUNT(*) against the table.

In this case, if the total number of recrods in this InnoDB table is larger than 2,000,000, the Rows count will be estimated, starting with a wave sign, ~; on the other hand, if the total number of records in this InnoDB table is smaller than 2,000,000, phpMyAdmin will run COUNT(*) against the table so an exact Rows count is displayed.

You get the idea.

To make phpMyAdmin show exact number of rows on all InnoDB tables, simply make the parameter $cfg[‘MaxExactCount’] large enough.

Categories
Linux Server Administration Tips

Cannot use ctrl-c. How to stop tail -f, etc?

When I ssh into my Debian Squeeze server and start up tail -f to watch a log file or anything else which uses ctrl-c to exit/stop, ctrl-c does not work. It prints the ^C character on screen and just keeps right on going.

Is there a setting somewhere that can be tweaked or maybe a different key combo that needs pressed?

Search results suggest that it’s a pretty common problem to Debian and that tinkering with the getty settings in /etc/inittab can fix it, but I’m hesitant to mess around in there too much. I may just take a snapshot and then see what happens.

Definitely an inittab thing, in case anyone else runs into this.
This line used to be at the top of the getty stuff

Code:

8:2345:respawn:/sbin/getty 38400 hvc0

I just moved it to the bottom and now ctrl-c works when connected using ssh.

Code:

 1:2345:respawn:/sbin/getty 38400 tty1
 2:23:respawn:/sbin/getty 38400 tty2
 3:23:respawn:/sbin/getty 38400 tty3
 4:23:respawn:/sbin/getty 38400 tty4
 5:23:respawn:/sbin/getty 38400 tty5
 6:23:respawn:/sbin/getty 38400 tty6
 8:2345:respawn:/sbin/getty 38400 hvc0
Categories
.htaccess Tutorials & Tips Free PHP Classes & Library Information Security PHP Tips & Tutorials

PHP Class for Handling .htpasswd and .htgroup (Member Login & User Management)

Apache is a marvelous web server that offers .htpasswd and .htgroup for controlling restricted access to your website. By help of .htaccess, they work as a member login & user management system that is so simple and easy to deploy. You can even define user groups / roles with it.

Basically,

  • .htpasswd defines pairs of username & password that are user accounts.
  • .htgroup defines groups / roles of user accounts that can be access-controlled as a whole.
  • .htaccess then applies .htpasswd and .htgroup to the current directory, and specifies which groups in .htgroup has access to the current directory.

For example, we have

/home/myuser/.htpasswd

user1:{SHA}kGPaD671VNU0OU5lqLiN/h6Q6ac=
user2:{SHA}npMqPEX3kPQTo+x/+ZckHDrIcQI=
user3:{SHA}q1Fh2LTUjjkncp11m0M9WUH5Zrw=

/home/myuser/.htgroup

admin: user2
editor: user1 user3
writer: user3

/home/myuser/public_html/example.com/member/.htaccess

AuthName "Members Area"
AuthType Basic
AuthUserFile /home/myuser/.htpasswd
AuthGroupFile /home/myuser/.htgroup
<Limit GET POST>
require group admin
require group writer
</Limit>

What they do is only let users in the admin and writer group, that is user2 and user3, to access example.com/member. When someone tries to access example.com/member, Apache would prompt him or her for user name and password, and he or she must be either user2 or user3 to access it – they must enter the correct password set out in .htpasswd for user2 or user3.

user1 isn’t allowed to access example.com/member even if the password is correct. You get the idea.

You can place .htaccess anywhere in your website, and it will control access to the directory it’s in by the defined rules (which groups / roles are allowed to access). Just make sure it is pointing to the right .htpasswd and .htgroup by AuthUserFile and AuthGroupFile.

And you can have multiple .htaccess in different directories of your website, using the same .htpasswd and .htgroup.

This is so simple yet so very handy in creating & managing different users and user roles (.htpasswd, .htgroup) and giving them permissions (.htaccess) in accessing different website assets.

PHP Class

Now that you are familiar with the basic authentication and native user management system in Apache, you can use this two simple PHP classes to automate tasks such as user creation, user deletion, adding user to group, and removing user from group.

class Htpasswd

class Htpasswd {
	
	private $file = '';
	private $salt = 'AynlJ2H.74VEfI^BZElc-Vb6G0ezE9a55-Wj';
	
	private function write($pairs = array()) {
		$str = '';
		foreach ($pairs as $username => $password) {
			$str .= "$username:{SHA}$password\n";
		}
		file_put_contents($this -> file, $str);
	}
	
	private function read() {
		$pairs = array();
		$fh = fopen($this -> file, 'r');
		while (!feof($fh)) {
			$pair_str = str_replace("\n", '', fgets($fh));
			$pair_array = explode(':{SHA}', $pair_str);
			if (count($pair_array) == 2) {
				$pairs[$pair_array[0]] = $pair_array[1];
			}
		}
		return $pairs;
	}
	
	private function getHash($clear_password = '') {
		if (!empty($clear_password)) {
			return base64_encode(sha1($clear_password, true));
		} else {
			return false;
		}
	}
	
	public function __construct($file) {
		if (file_exists($file)) {
			$this -> file = $file;
		} else {
			die($file." doesn't exist.");
			return false;
		}
	}

	public function getUsers() {
		return $this -> read();
	}
	
	public function addUser($username = '', $clear_password = '') {
		if (!empty($username) && !empty($clear_password)) {
			$all = $this -> read();
			if (!array_key_exists($username, $all)) {
				$all[$username] = $this -> getHash($clear_password);
				$this -> write($all);
			}
		} else {
			return false;
		}
	}
	
	public function deleteUser($username = '') {
		$all = $this -> read();
		if (array_key_exists($username, $all)) {
			unset($all[$username]);
			$this -> write($all);
		} else {
			return false;
		}
	}
	
	public function doesUserExist($username = '') {
		$all = $this -> read();
		if (array_key_exists($username, $all)) {
			return true;
		} else {
			return false;
		}
	}
	
	public function getClearPassword($username) {
		return strtolower(substr(sha1($username.$this -> salt), 4, 12));
	}
	
}

class Htgroup

class Htgroup {
	
	private $file = '';
	
	private function write($groups = array()) {
		$str = '';
		foreach ($groups as $group => $users) {
			$users_str = '';
			foreach ($users as $user) {
				if (!empty($users_str)) {
					$users_str .= ' ';
				}
				$users_str .= $user;
			}
			$str .= "$group: $users_str\n";
		}
		file_put_contents($this -> file, $str);
	}
	
	private function read() {
		$groups = array();
		$groups_str = file($this -> file, FILE_IGNORE_NEW_LINES);
		foreach ($groups_str as $group_str) {
			if (!empty($group_str)) {
				$group_str_array = explode(': ', $group_str);
				if (count($group_str_array) == 2) {
					$users_array = explode(' ', $group_str_array[1]);
					$groups[$group_str_array[0]] = $users_array;
				}
			}
		}
		return $groups;
	}
	
	public function __construct($file) {
		if (file_exists($file)) {
			$this -> file = $file;
		} else {
			die($file." doesn't exist.");
			return false;
		}
	}

	public function getGroups() {
		return $this -> read();
	}
	
	public function addUserToGroup($username = '', $group = '') {
		if (!empty($username) && !empty($group)) {
			$all = $this -> read();
			if (isset($all[$group])) {
				if (!in_array($username, $all[$group])) {
					$all[$group][] = $username;
				}
			} else {
				$all[$group][] = $username;
			}
			$this -> write($all);
		} else {
			return false;
		}
	}
	
	public function deleteUserFromGroup($username = '', $group = '') {
		$all = $this -> read();
		if (array_key_exists($group, $all)) {
			$user_index = array_search($username, $all[$group]);
			if ($user_index !== false) {
				unset($all[$group][$user_index]);
				if (count($all[$group]) == 0) {
					unset($all[$group]);
				}
				$this -> write($all);
			}
		} else {
			return false;
		}
	}

	public function getGroupsByUser($username = '') {
		$all = $this -> read();
		$user_groups = array();
		foreach ($all as $group => $users) {
			if (in_array($username, $users)) {
				$user_groups[] = $group;
			}
		}
		return $user_groups;
	}

}

Usage

First, you should use your own $salt. Change the value of $salt in the Htpasswd class to something else for your own application.

To instantiate the classes:

$passwdHandler = new Htpasswd('/home/myuser/.htpasswd');
$groupHandler = new Htgroup('/home/myuser/.htgroup');

To create and delete a user:

// Add a user with name 'user1' and password 'I prefer to use passphrase rather than password.' if it doesn't exist in .htpasswd.
$passwdHandler -> addUser('user1', 'I prefer to use passphrase rather than password.');
// Delete the user 'user1' if it exists in .htpasswd.
$passwdHandler -> deleteUser('user1');

To check if a particular user exists in .htpasswd:

// Check if user 'user1' exists in .htpasswd.
if ($passwdHandler -> doesUserExist('user1')) {
	// User 'user1' exists.
}

To get the clear text password for a particular user (Apache stores passwords in .htpasswd as encoded strings):

// Get the clear password for user 'user1'.
echo $passwdHandler -> getClearPassword('user1');

To add a user to a group:

// Add user 'user1' to group 'admin' in .htgroup. Group will be automatically created if it doesn't exist.
$groupHandler -> addUserToGroup('user1', 'admin');

To delete a user from a group (user still exists in .htpasswd, just not associated with the group any more):

// Delete user 'user1' from group 'admin' in .htgroup. Group will be automatically removed if it doesn't contain any users.
$groupHandler -> deleteUserFromGroup('user1', 'admin');

To get a list of groups a particular user is assigned to:

/* Get an array of groups that 'user1' is a member of. */
$user_groups = $groupHandler -> getGroupsByUser('user1');

Conclusion

This ain’t concluded. It’s just an END notice. Feel free to let me know your thoughts and how my classes work for you.

Categories
.htaccess Tutorials & Tips Apache Web Server Tutorials & Tips Content / SEO Tips & Tutorials Web Applications & Online Software

<IfModule></IfModule> in .htaccess

I was debugging about some mod_rewrite errors caused by the .htaccess file on one of my sites and couldn’t solve the problem myself so I opted for a help thread on the SitePoint.com forum. Turned out it’s not the problem of my mod_rewrite rules in .htaccess but some incorrect file permissions that were causing the trouble.

Dklynn was very nice to help me in this regard and offered a gold advice that I thought I should share with you.

You Should NOT Use <IfModule></IfModule>. Why?

He pointed out that I should get rid of the <IfModule> conditional from the .htaccess file. It’s useless and a complete waste of server resources by all means. No excuses.

Considering the fact that all HTTP requests (including those to trivial assets such as .css, .js, .gif, .jpg, etc., thus each web page download would trigger about 10 or even more HTTP requests) to the Apache web server are handled by the rules in your .htaccess file, I think I should get rid of all such <IfModule> conditionals from all .htaccess files on all my sites, or the server would be doing useless check of “If Module xxx Is Enabled” every time a HTTP request is received…..

With a site receiving 1000 page visits per day, your server would have to do 10,000 such useless checks at the cost server resources and performance.

Many famous 3rd party scripts such as WordPress has <IfModule></IfModule> in the .htaccess file by default. This is to prevent potential errors should the module was not installed on the client’s production site / server. You should try and remove it. If the mod_rewrite and SEO friendly URLs are working, you can remove it without any problems.

This is pure gold advice offered by Dklynn. Check out his site about Apache mod_rewrite.

Categories
Linux Server Administration Tips

Linux: How to delete / remove hidden files with ‘rm’ command?

To delete all content in any directory, including all sub-directories and files, I’ve been using this:

rm -rf somedir/*

If it is to delete all content of the current directory:

rm -rf *

However, it turns out ‘rm -rf’ doesn’t remove hidden files such as .htaccess (Files with a name starting with a dot are hidden in Linux). To delete all the hidden files as well, I have to run a 2nd command:

rm -rf .??*